Develop a strong understanding of data protection legislation and compliance while earning recognition as a Law Society of Scotland Certified Specialist and obtaining a certificate (Data Protection (GDPR) Practitioner Certificate) awarded by TQUK.
The course assumes little or no previous knowledge of data protection and will cover, in a practical context, the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003. The main points of this legislation will be explained with an emphasis on practical aspects of compliance.
The course will take place over four and a half days and will comprise of lectures, discussion and practical exercises. The final afternoon will comprise of a multiple choice test which, once passed, will allow you to receive LSS certification and your TQUK certificate.
|Date||Location||Training Day Focus|
|Tuesday 15 June, 9.30am - 4.30pm||Online||History, GDPR & Personal Data Overview|
|Thursday 17 June, 9.30am - 4.30pm||Online||Legal Bases, Consent & Transparency|
|Tuesday 22 June, 9.30am - 4.30pm||Online||Data Subject Rights, Sharing & Obligatins|
|Thursday 24 June, 9.30am - 4.30pm||Online||International Focus & The 2018 Act|
|Tuesday 29 June, 9.30am - 4.30pm||Online||Marketing, Governance & the ICO + Course Test|
The course is priced at £1440 + VAT and consists of 30 hours of verified CPD.
If you’re not a member, please contact our CPD team to book: CPD@lawscot.org.uk
Please note there are only 15 spaces available. The course will take place on Zoom.
The course is taught by Tim Musson, Managing Director of Computer Law Training Ltd. Successful completion of the course will result in becoming a Law Society of Scotland Certified Specialist and obtaining a certificate (Data Protection (GDPR) Practitioner Certificate) awarded by TQUK.
- Sign up for the certified course in Data Protection
- Attend five live online training days facilitated by Computer Law Training Ltd (29 hours verifiable CPD)
- Complete the online test (1 hr verified CPD)
- Certification in Data Protection awarded with use of our marque alongside obtaining a certificate (Data Protection (GDPR) Practitioner Certificate) awarded by TQUK.
Alongside use of our Law Society of Scotland marque and your certification, successful completion of this course will award you with The Data Protection (GDPR) Practitioner Certificate.
This is an internationally recognised qualification, endorsed by TQUK, which is regulated by Ofqual. It equips current and aspiring data protection officers and data protection managers with knowledge and skills to undertake data protection compliance activities throughout an organisation. It is a valuable course for anybody with data protection compliance responsibilities.
History and Background:
- Brief historical development
- Importance of data protection
UK GDPR Overview:
- Scope (material and territorial)
- Essential Definitions
- Data Protection Principles
- Data Subject Rights
- Information Security Requirements
- Breach Reporting / Recording
- Data Protection by design & default
- Data Protection Impact Assessments
- Data Processors
- Restricted (International) Transfers
- Relationship with EU GDPR
What is Personal Data?
- ICO guidance
Day two will take more of a deep dive into legal bases, consent and transparency.
Purposes of Processing & Legal Bases:
- Specified, Explicit, Legitimate Purposes
- Lawfulness Requirement
- 6 Legal Bases
- Deciding on a Legal Basis
Consent in Detail:
- Operation of Consent
- Problems with consent
Special Categories of Personal Data:
- What are Special Categories
- Why they are important
- Conditions for Processing
- Information Required and Modality
- ‘Layered’ Approach
Day two will focus on the availability, management and procedures involved in data subject rights, and will also take a further look at data sharing and information security obligations.
Data Subject Rights:
- Management Issues
Data Sharing, Processors and Controllers:
- Processors and Contracts
- Joint Controllers and Agreements
- One-off Sharing
- Legal Basis
Information Security Obligations:
- Risk analysis
- ‘Appropriate’ Security
- Some Common Security Risks
- Breach Reporting and Recording obligations
Starting off with a more international focus, day four will recap the 2018 Data Protection Act and will end by taking a look at the accountability principle.
Restricted (International) Transfers:
- Adequacy and the EU
- Transfers with Appropriate Safeguards: SCCs
- Binding Corporate Rules
- Derogations for Specific Situations
- Schrems Judgement and its Implications
Data Protection by Design & by Default:
- Data Protection Impact Assessments (DPIAs)
- Criteria for a DPIA
- Carrying out a DPIA
The Data Protection Act 2018:
- Relationship with the UK GDPR
- Structure & Scope
- Main Points
The Accountability Principle:
- The "Accountability Portfolio"?
On the final day of the course, we will look at other issues such as staff training and children's data, direct marketing, governance and a overview of the role of the Information Commissioner's Office before ending the day with a test that encompasses content covered throughout the course.
- Children’s Data
- Some Issues Around Artificial Intelligence
- Codes of Conduct
- Staff Training
Data Protection and Direct Marketing:
- UK GDPR
- ICO Guidance
Data Protection Governance:
- Data Protection Officers (DPOs)
- Who needs a DPO?
- Who can be a DPO?
- What does a DPO do?
- The Personal Data Audit & Record of Processing
- Data Protection Audit and Gap Analysis
- The ICO and its Role
- The European Data Protection Board (EDPB)
Held at the end of day five, candidates will be given a multiple choice test and will have 1 hour to answer 40 questions.